The Challenges of Open Source in the Enterprise

Enterprise and open source—are they peanut butter and jelly, working well together for a better world, or are they oil and water, meeting but never coming together? In this article, I explore the challenges of adopting open source in the enterprise. I look at the technical issues, the business challenges and the political hurdles.

Move to the Business

In addition to solving technical problems, some of which are specific
to an enterprise, there are unique enterprise business requirements as
well. In a small IT environment or Web startup, no one wants a problem or
outage any more than in an enterprise. However, the technical tolerance
may be greater in a smaller environment, and it often is acceptable
that the trade-offs require the lone in-house expert (that would be
you) to “take care of the problem” in an emergency; often that is
the actual crisis plan. In an enterprise, with postmortems, roles
and responsibilities, and sometimes “pin the blame on the
donkey”, a
support plan of “I will deal with it and work with on-line fora when
it breaks” will not go over very well. The cost of error or failure
is at least proportional and often even exponential to the size of
the IT budget.

These challenges create a minor requirement known as
a service-level agreement (SLA). IT promises its customers, whether
internal or external, certain service levels. In order to meet those
levels, there needs to be a predictable and reliable point of service
for every element of technology. For HP servers, there is a service
contract and spares; for routers, it is Cisco support or a partner; for
open source, it is ... ? In many cases, the product is stable enough or
distributed enough not to matter. In other cases, it matters greatly.
“If it
breaks, who will fix it?” is likely the number one question CIOs will
ask. They are not being difficult; they simply are doing their jobs,
determining whether they can meet SLAs and what will be the
true fully loaded cost of your open-source adventure.

In that respect, one of the more interesting business ideas in the
last decade is Red Hat. Its products are almost entirely open-source
products that can be downloaded for free from elsewhere. However,
it sells versions with full support. Essentially, Red Hat has decoupled
product development from product support. There is nothing particularly
special about Sun that allows it and only it to support Solaris
(at least since Solaris was made open source). Anyone with sufficient expertise can do so.
Recognizing that truth is the key to providing support for open-source products, exactly as
Red Hat has done for Linux. It sold more than a half-billion dollars in support subscriptions in
2009 for products that it, by and large, did not develop.

Don't Discount Politics

Politics is the bane of every technologist's
existence. Politics
is about the subtle art of power interplays, personalities and
compromise. Technology, on the other hand, is about science, the truth and
the correct way. For a technologist, proving your point through tests and
scientific answers is the right way to go, but this path only antagonizes
outsiders. For politics does not care about the right answer, but about
the one that meets people's needs, rational and emotional. The solution
may very well not be the best one. It may not even really solve the
technical problem, but it is the one adopted nonetheless.

Around six years ago, I was exploring solutions to a particular problem
at a very large enterprise (around 100,000 employees). There were several
solutions, but the one I was advocating was open source. The other leading
candidate was proprietary. I had a very good relationship with the firm's
attorney, with whom I discussed the issue. “Let's say the product fails
spectacularly”, she said, “and we lose $10MM in business because of
it, who do we come after? Who do we blame?” From her perspective, an
attorney who is focused on the firm's legal needs, this is a perfectly
valid reason to go for closed source, backed by a large company. From my
perspective, I far preferred to go with the solution that would not only
cost far less, but also would provide better performance, thus reducing the
probability and expected cost of failure, let alone spectacular failure.

As an aside, it is also important to note that my
perspective could be difficult for her politically. If we focus solely
on reducing the probability and expected cost of failure, and accept
damages due to failure as an unfortunate cost of doing business, then
the legal department's value is concomitantly reduced. If she has any
influence over the final decision, and she did, these issues, seemingly
irrelevant to most technologists, must be taken into account. In this
case, I actually did win her over by pointing to the End-User License
Agreement (EULA). Like most such EULAs, there was a very strong limitation
of liability. For example, if you read the EULA to Microsoft Windows XP
Professional Edition, it clearly states that your Exclusive Remedy is
limited to either replacement of the defective software or possibly refund
of the cost of the software itself. If $10,000 in software causes $10MM
in damage, the most you can get back is $10,000 (maybe). I pointed out
that the legal department had already been rendered irrelevant for this software,
and not by me. Thus, the choice of solution would neither
reduce their position, nor strengthen someone (me) who had reduced that
positioning already.

Politics is the art of recognizing who wins and who loses with each
decision. Understand the relationships, the power plays, who has the
backing of the vendor you are explicitly discarding, who controls the
budgets, and you will be in a better position to pick your battles and
win them.

Trending Topics

Webinar: 8 Signs You’re Beyond Cron

Scheduling Crontabs With an Enterprise Scheduler
11am CDT, April 29th

Join Linux Journal and Pat Cameron, Director of Automation Technology at HelpSystems, as they discuss the eight primary advantages of moving beyond cron job scheduling. In this webinar, you’ll learn about integrating cron with an enterprise scheduler.